
Answer-first summary for fast verification
Answer: The network ACL is blocking HTTPS traffic.
VPC Flow Logs capture traffic at the ENI level, including whether it was accepted or rejected by security groups and NACLs. NACLs are stateless and, if misconfigured, can block return traffic for HTTPS (port 443). Security groups are stateful, so an explicit deny is rare. If the instance were shut down or there were no IGW, the flow logs might show differently.
Author: LeetQuiz Editorial Team
A SysOps administrator reviews VPC flow logs and finds a specific log entry. Client connections to an EC2 instance in a production VPC are failing. What is a possible cause?
A. A security group deny rule is blocking traffic on port 443.
B. The EC2 instance is shut down.
C. The network ACL is blocking HTTPS traffic.
D. The VPC has no internet gateway attached.